Three-way handshake protocol

TCP handshake protocol

In TCP/IP, TCP provides reliable connection services and uses three handshakes to establish a connection.

First handshake: when a connection is established, the client sends the SYN Packet (SYN = J) to the server and enters the syn_send status. Wait for the server to confirm;

The second handshake: when the server receives the SYN packet, it must confirm the customer's Syn (ACK = J + 1) and send a SYN Packet (SYN = K), that is, the SYN + ACK packet, the server enters the syn_recv status;

The third handshake: the client receives the server's SYN + ACK package and sends the ACK (ACK = k + 1) Confirmation package to the server. After the package is sent, the client and server enter the established status, complete three handshakes.

After three handshakes, the client and the server start to transmit data. In the above process, there are some important concepts:

Unconnected queue: in the three-way handshake protocol, the server maintains an unconnected queue, which opens an entry for the SYN Packet (SYN = J) of each client, this entry indicates that the server has received the SYN Packet and sent a confirmation to the customer, waiting for the customer's confirmation package. The connection identified by these entries is in the syn_recv state on the server. When the server receives the customer's confirmation packet, it deletes the entry and the server enters the established state.

Backlog parameter: Maximum number of unconnected queues.

SYN-ACK retransmission times the server sends the SYN-ACK package, if the customer does not receive the confirmation package, the server for the first retransmission, wait for a period of time has not received the customer confirmation package, for the second retransmission, if the number of retransmission times exceeds the maximum number of retransmission times specified by the system, the system deletes the connection information from the semi-connection queue. Note that the waiting time for each retransmission is not necessarily the same.

Semi-connection survival time: the maximum time for the semi-connection queue to survive, that is, the maximum time for the service from receiving the SYN packet to confirming that the message is invalid, the maximum waiting time of all retransmission request packets. The semi-join survival time is also called timeout time and syn_recv survival time.

　　^{[1] * SYN: synchronization flag}

The synchronize sequence numbers column is valid. This flag is valid only when three handshakes are used to establish a TCP connection. It indicates the serial number of the server check sequence of the TCP connection. The serial number is the serial number of the initial client of the TCP connection. Here, we can regard the TCP sequence number as a 32-bit counter ranging from 0 to 4,294,967,295. Each byte in the data exchange over TCP connections is serial number. The serial number column in the TCP header contains the serial number of the first byte in the TCP segment.

* Ack: confirm the flag

The acknowledgement number column is valid. In most cases, this flag is set. The validation number (W + 1, figure-1) contained in the validation number column in the TCP header is the next expected sequence number, prompting that the remote system has successfully received all data.

* Rst: reset flag

The reset flag is valid. Used to reset the corresponding TCP connection.

* URG: emergency sign

The URGent pointer sign is valid. Emergency flag placement,

* PSH: Push flag

When this flag is set, the receiving end does not process the data in the queue, but forwards the data to the application as soon as possible. This flag is always set to a bit when you connect to telnet, rlogin, or other interactive modes.

* Fin: End flag

The packet with this flag is used to end a TCP session, but the corresponding port is still open, ready to receive subsequent data.